Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 7.1.2 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-11628
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications th...
Php Php
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
Php Php 7.0.17
Php Php 7.0.5
Php Php 7.0.10
Php Php 7.0.0
Php Php 7.0.6
7.5
CVSSv3
CVE-2017-11142
In PHP prior to 5.6.31, 7.x prior to 7.0.17, and 7.1.x prior to 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c.
Php Php 7.0.0
Php Php 7.0.1
Php Php 7.0.8
Php Php 7.0.9
Php Php 7.1.0
Php Php 7.1.1
Php Php 7.0.4
Php Php 7.0.5
Php Php 7.0.12
Php Php 7.0.13
Php Php
Php Php 7.0.6
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.15
Php Php 7.0.16
Php Php 7.0.2
Php Php 7.0.3
Php Php 7.0.10
Php Php 7.0.11
Php Php 7.1.2
7.5
CVSSv3
CVE-2017-11144
In PHP prior to 5.6.31, 7.x prior to 7.0.21, and 7.1.x prior to 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative n...
Php Php 7.1.0
Php Php 7.1.6
Php Php 7.0.11
Php Php 7.0.4
Php Php 7.1.3
Php Php 7.1.5
Php Php 7.0.19
Php Php 7.0.3
Php Php 7.0.1
Php Php 7.1.2
Php Php 7.0.12
Php Php 7.0.13
Php Php 7.0.16
Php Php 7.0.7
Php Php 7.0.14
Php Php 7.0.20
Php Php 7.0.15
Php Php
Php Php 7.0.18
Php Php 7.0.2
Php Php 7.0.9
Php Php 7.0.8
7.5
CVSSv3
CVE-2017-6441
The _zval_get_long_func_ex in Zend/zend_operators.c in PHP 7.1.2 allows malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted use of "declare(ticks=" in a PHP script. NOTE: the vendor disputes the classification of thi...
Php Php 7.1.2
7.4
CVSSv3
CVE-2017-7272
PHP up to and including 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in th...
Php Php
NA
CVE-2014-0103
WebAccess in Zarafa prior to 7.1.10 and WebApp prior to 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
Fedoraproject Fedora 19
Zarafa Zarafa 7.0.10
Zarafa Zarafa 7.0.12
Zarafa Zarafa 7.0.7
Zarafa Zarafa 7.0.9
Zarafa Webapp
Zarafa Zarafa
Zarafa Zarafa 7.0
Zarafa Zarafa 7.0.1
Zarafa Zarafa 7.1.1
Zarafa Zarafa 7.0.2
Zarafa Zarafa 7.0.3
Zarafa Zarafa 7.0.4
Zarafa Zarafa 7.0.5
Zarafa Zarafa 7.1.2
Zarafa Zarafa 7.1.3
Zarafa Zarafa 7.1.4
Fedoraproject Fedora 20
Zarafa Zarafa 7.0.11
Zarafa Zarafa 7.0.13
Zarafa Zarafa 7.0.6
Zarafa Zarafa 7.0.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started